Sorry to ask again but i just want to make sure. Are we from now on protected by black lotus or not yet ?
Yep, that's what the server move was about. |
|
|
|
In my opinion Black Lotus will not be able to guard your network (bandwidth) usage in case you are victim to UDP due to protocol nature itself. UDP attacks can be filtered in ISP core routers only. If it is a TCP attack it will be OK with both VPN and Black Lotus solution. However what i have noticed so far - when server was down (attacked) it was responding damn fast to wget with 404 page not found. If responses came from your server not from cloudfire it is pretty obvious that there were no issues with bandwidth at all during the attacks.
UDP will be incredibly easy to defend against since my server won't need UDP to function. Upstream could block all UDP traffic, very easy mitigation. Black Lotus fend off attacks every day, they're not noobs.  The web server was up during the attacks, that must be where you got a quick 404 response from. Trust me the net connection of the mining server was completely saturated. |
|
|
|
1. If the attacks are coming from known IP address - rangers you can easy filter them out on 8.8.8.8 With zero CPU/Network load to your Server 8.8.4.4. I am not aware of the attacks details but believe me Empty Linux box doing nothing just natting one IP can filter a lot  2. You can use Connection iptables limit - i am not aware if it is a good or bad idea since some miners can be affected also 3. And other fancy stuff  We're not running out of CPU here, but bandwidth. One scrubbing server will just get knocked off the net, same as the mining server itself did. I could perhaps set up multiple 10 Gbps servers to scrub traffic, at a data center with very high bandwidth and where they don't blackhole (nullroute) you when you get DDoSed. I don't know a good place for that, nor if it can be done for a reasonable price. I think for now Black Lotus is a good choice. |
|
|
|
Ah, I see. Any way to change the number of workers displayed to a user pref? I have 10 machines total and like to be able to see them all at once... Besides that everything seem to be working fine.
Maybe in the future. All the various tables will be reworked with options for filtering etc. at a slow Internet connection it is not possible to download and/or start bitminter client  I am now somewhere with a laptop and 15 kB/s and (re-)tried till now ~20 times and it always stopped @~90% is there another site (e.g. ftp) to download? Unfortunately not. In the future there will be an alternative distribution method, but it's low priority right now. Note that antivirus and firewall packages sometimes cause the download to stall towards the end. Notorious for this are AVG and McAfee. I haven't tried putting files manually into the java cache, but you can give it a try. However, being able to download with wget but not with java is indicative of the antivirus/firewall issue I mention above. There's a few troubleshooting pointers here: http://www.reddit.com/r/bitminter/comments/1c8oiq/troubleshooting_bitminter_client_startup_problems/ |
|
|
|
What can you tell us about the DDoS and what changes you have made to mitigate the effects? Don't give away any secrets here, but I'm interested.
Many attacks daily that come and go are very disruptive. Probably worse for miners than being completely down, as workers set up with backup pools would jump back and forth. If I had let this go on BitMinter would be completely destroyed. I considered shutting down the pool for a while, but decided against it as BitMinter client still doesn't have backup pool support, some use other miners without backup pool support, and some use a mining client with backup pool support but simply have not set up backups. It would have left many users out in the cold. The nature of the attack is to send an enormous amount of traffic to the server. As its network connection gets overloaded it becomes unable to communicate. I received many suggestions to install a firewall. Unfortunately one of the difficult things with such attacks is that by the time the traffic reaches your server it is already too late. It must be handled upstream. I have decided to go with Black Lotus for anti DDoS protection. These guys are expensive, but they are good at what they do. Hopefully this can help ensure a stable service. I also have other ideas to make the service more DDoS resistant, but they will take some time to implement. There were some hickups while moving servers today. Also the BitMinter software was not prepared for the changes in infrastructure that are happening. I make adjustments as we go. I don't know if we are out of the woods yet, but things are certainly looking a lot better than they did earlier today. Thanks for all the messages in support of BitMinter, suggestions on how to combat this issue, etc. Much appreciated. |
|
|
|
Ok, that clears up some of the mystery here. What about the workers that are no longer listed on my workers page? Do I need to re-enter this information? Also for the one machine that I use with cgminer do I need to change any settings? (It's currently on a backup pool but I would like to return to bitminter with it as it's my most powerful box)
The rest of the mystery: There's been a few small changes on the website. On the worker page there are now pagination buttons at the bottom. You'll need to use those to see the rest of your workers. Also there's a new iOS (iPhone, iPad, etc.) app for BitMinter called BTC Miner, you'll find that in the "tools" -> "third party apps" menu. |
|
|
|
|
I set TTL (time-to-live) on the DNS entry to just 10 minutes. So after I switched mint.bitminter.com over to point at the new us1.bitminter.com workers should have followed fairly quickly.
But still there are 600 getwork/gbt miners and 2 stratum miners at the old server. These don't currently show up with a hashrate at the website. But if you wait 1 minute and reload the page you should see their accepted proofs of work have gone up. Live hashrates are only gathered from one server. Currently anti DDoS and stable mining has priority over fixing this.
BitMinter client specifically sets the java virtual machine to not cache DNS lookups for long. I suspect there are some (broken) DNS servers out there that ignore TTL settings. Maybe they'll cache for 24 hours no matter what TTL is.
|
|
|
|
|
A new server is up and running.
Still 40 Stratum workers and 700 gbt/getwork workers on the old server.
If you are one of those then you won't see your hashrate on the website and it won't be included in the total pool hashrate. It pulls stats only from one server - this will be fixed soon. Hashrates on shifts and blocks pages are correct, but the live hashrates are not. If you don't see your hashrate you can try restarting your miner, that should make it connect to the new server (should not be necessary with BitMinter client).
The old server will be taken down for a bit of maintenance at some point, but I'll wait until there are fewer workers connecting there.
|
|
|
|
Does it make any difference if I'm running 32-bit or 64-bit Java as far as BitMinter is concerned?
BitMinter client is set up to be able to run on both 64 bit and 32 bit. Either should be fine. |
|
|
|
|
DDoS attacks starting up again..
|
|
|
|
The pool is finding roughly 1 in 3 NMC blocks. That is what is expected when the pool's hash rate is roughly 1/3rd that of the NMC network. There is no bug in the assignment of NMC either, I can clearly see that 97% of NMC block rewards have been assigned to miners. My only thought is maybe BitMinter only allocates NMC to miners that have NMC wallets set?
No, we pay out NMC to all active miners, regardless of having set an NMC address or not. |
|
|
|
I've had this happen several times that the counter goes completely haywire, without adding anything to the pool. Even the last version 1.4 does this. Am I right to assume that this is related to the attack?
This is a bug with OpenCL on Mac. Suddenly it starts "finishing" all work instantly and never gets any results. Reboot the Mac and it will work again. |
|
|
|
Once again Consider VPN+NAT for mining backend. Keeping your real IP hidden will help a lot assuming that you have SOME VPS black boxes just to portwarfard mining traffic. Shutting down the Attacked VPS vpn will guard you completely, then Use different VPS for ovpn. I know that this sucks and is pain in the ass, but this will allow you to change your pool ip on the fly and will slow down the attackers. They will need to prepare/launch new attack against new IP then you will change again in a minute and they are fucked up!
Moving from IP to IP to get away from the attack doesn't work. This defense was tried by Slush during a DDoS and the attackers just followed him to new IPs, just like regular users did. The attackers are always reading the bitcointalk threads and any other channels that regular users are reading. And of course they watch for changes in DNS as well. |
|
|
|
for my asic blade do i have to run this commando?
mining_proxy.exe -o mint.bitminter.com -p 3333
Yes, that looks correct. |
|
|
|
BitMinter client version 1.4.0 is out. Changes from 1.3.2 to 1.4.0: - Added support for BFL SC (Butterfly Labs ASIC)
- Fix hashrate measurements for ASICMiner Block Erupter USB
- Fix hashrate gauge being stuck on non-zero value when you stop mining while
in performance mode, then leave performance mode - Mac OS X: Fix "probe all ports" to find ASICMiner Block Erupter USB
- Mac OS X: Use screen menu and dock icon, like other Mac apps
- Default to scanning all ports for external devices on startup
- Remove yellow and red zones and warning light on gauges
- Remove green zone on gauges for devices where we can't determine stock
hashrate. BFL FPGA, BFL ASIC, Icarus-compatible devices (hashrate varies). - Recognize more devices
Try it out:  If you have issues with 1.4.0 then you can still get the previous release (1.3.2) at http://bitminter.com/client/1.3.2/bitminter.jnlpNext up will be Stratum and backup pools. |
|
|
|
That's true if the difficulty stay the same.
Considering that the difficulty is going up fast, it's more profitable to find bloc faster before the difficulty rises again.
No, not necessarily more or less profitable, but more likely to be close to average profitability. The thing with difficulty going up in big jumps and probably never going back down to the old level is that if you had some very good or very bad luck just before the change in difficulty, then that luck does not as easily even out. It's easy to assume that what will happen is that you will have bad luck and then difficulty rises, because many people tend to see the negatives. But what happens if you have very good luck and then the difficulty goes up? |
|
|
|
|
bfgminer and cgminer have good backup pool functionality. And they also wait a bit between requests if there is an error.
Most miners don't pause if there is an error but hammer the server quickly with requests if something is wrong. So if you don't want to become part of the DDoS attack, cgminer and bfgminer are good choices.
|
|
|
|
Somethings wrong with the webpage. Total hashpower 0, live stats almost everything 0 etc...
Website is ok, but there's no statistics from the mining server because it is under DDoS attack again. https://en.wikipedia.org/wiki/Denial-of-service_attackSomeone doesn't want BitMinter around. |
|
|
|
|
Show Posts
